OAuth2 in a Xojo Web app?

Can anyone share their experience getting an OAuth2 authentication flow working in a Xojo web app?

I’ve tried the Chilkat OAuth2 plug-in and --after modifying their example code-- have it working in a desktop app, but the same code does not work in a Xojo web app. I have not tried the MBS curl approach, but I might pivot to that soon.

Also… I expect to eventually deploy this app on Xojo Cloud, so any experience getting either the Chilkat or curl approach working in that environment (ie, opening additional port if needed, for example) would be helpful.

Thanks in advance!

OAuth should be using https, so the only thing you might need to do is open port 443. For more information about that, see http://documentation.xojo.com/index.php/FirewallPort

Could you elaborate?

To be fair, the Chilkat example code is described as a desktop app, not a web app:
https://www.example-code.com/xojo/salesforce_oauth2_access_token.asp

This works ok, at least as an example desktop app, but it has a hard coded 30-second loop that locks up the app; not a great design. The Chilkat class seems to lack the events one would need to first turn this into a well designed (ie, event driven) and then a web app.

Am wondering if I would be better off just implementing OAuth2 natively in my web app. Or using MBS curl.

Knowing how other folks have implemented OAuth2 in Xojo web apps would be helpful.

It might be better to ask on the Chilkat forum. From what I can see the 30 seconds are more like a timeout. And yes, the Chilkat stuff doesn’t seem to be very OO sometimes.

I exchanged some email with Chilkat on this topic, in which they said:

The Chilkat OAuth2 class is designed to help non-web-applications deal with OAuth2… you wouldn’t use Chilkat OAuth2 for a web-based app

Seems like the right path is to just implement OAuth2 directly in Xojo.